PHP HMac Restful Api

Question

PHP HMac Restful Api

Jete Aug '13

Created Aug '13	Last Reply Sep '16	Replies 9	Views 2736	Votes 6

Jete 6.1k

Aug '13

Hi, created a HMAC Restful api on github. Feedback welcome.

Still have a few things left

change from client id (auto incremented) to 20 character public key (so you can't iterate through)
need to include uri hash check for better security
need to check timestamp, allow only 5 min span
client is lame
add better documentation on github

https://github.com/jeteokeeffe/php-hmac-rest-api

6

Nikolaos Dimopoulos · Answer 1 · 2013-08-27T05:59:57-07:00

Nikolaos Dimopoulos
39.3k

Aug '13

Thanks for sharing!

Paul Grant Truesdell, II · Answer 2 · 2013-08-27T07:39:36-07:00

Paul Grant Truesdell, II
4.2k

Aug '13

Looks good, i'll take it for a spin soon.

Jete · Answer 3 · 2013-08-27T09:02:16-07:00

Jete
6.1k

Aug '13

if you find any issues, let me know, ill fix asap

Farkhod · Answer 4 · 2013-08-27T22:22:30-07:00

Farkhod
42.1k

Aug '13

Excellent.

Bruno · Answer 5 · 2015-06-02T13:53:09-07:00

Thanks for sharing. When I try your client-connect.php the application returns

The requested URL /php-hmac-rest-api/ping was not found on this server.

The Request looks valid... Any ideas where my mistake might be?

Jete · Answer 6 · 2015-06-03T09:11:30-07:00

Jete
6.1k

Jun '15

the request should come across as /ping and NOT /php-hmac-rest-api/ping

Bruno · Answer 7 · 2015-06-03T14:56:29-07:00

Bruno
6.3k

Jun '15

How do I accomplish that? I just changed the parts you mentioned on GitHub...

Joao Rios · Answer 8 · 2015-06-05T06:46:20-07:00

Bruno, you may be missing the .htaccess file at the root:

<IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^$ public/ [L] RewriteRule (.*) public/$1 [L] </IfModule>

Bruno · Answer 9 · 2015-06-06T06:14:08-07:00

Bruno
6.3k

Jun '15

with this .htaccess i get an 500 internal server error

Joao Rios · Answer 10 · 2015-06-06T07:06:49-07:00

you also need an .htaccess inside the folder public:

<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L] </IfModule>

and the client-connect.php, change the $host accordingly to your server url :


$route = '/ping';
//$route = '/test/4';
//$route = '/doesntexist';
//$route = '/skip/auth';

if (isset($argv[1])) {
    $host = 'https://' . $argv[1] . $route;
} else {
    //$host = "https://api.example.com" . $route;
    // change the $host  accordingly to your server url :
    $host = "https://localhost/php-hmac-rest-api-master" . $route;

}

Edwin Manuel Cerrón Angeles · Answer 11 · 2016-09-29T08:36:11-07:00

Edwin Manuel Cerrón Angeles
40.0k

Sep '16

good! man!